Perhaps we can achieve consensus on the following and move forward from there:
(1) The nature of systems producing, transporting, consuming, and operationalizing CTI represent a special class in terms of risks and impacts of compromise.
(2) Our Adversaries will agressively target these systems as the effectiveness of same impede their ability and/or increase efforts/costs to execute "Actions on ObjectIves".
(3) Attack Surface Reduction (ASR) should be a core tenet of the CTI TC Standards. A majority of the diverse sets of systems operationally participating in a global CTI Ecosystem require system hardening.
Therefore, CTI TC Standards should only require implementation of the specific functional elements (e.g., Ports, Protocols, Services, Application interfaces) required to deliver a conformant instantiation of that feature/function.
If we concur on these core tenets, then we need a mechanism to manage the resultant variability in conformant systems. One way is to establish "Profiles".
The OASIS KMIP TC provides a reference implementation of the practical application of "Profiles" to Confomance Clauses and Interoperability Testing . KMIP Profiles in turn link to associated KMIP Test Cases. Any Interested parties seeking representative
examples of the principles advocated here can start with the Key Management Interoperability Protocol  Profiles and  Test-Cases.
 [ KMIP-Profiles] Key Management Interoperability Protocol Profiles Version 1.2. Edited by Tim Hudson and Robert Lockhart. 19 May 2015. OASIS Standard.
Integrated Networking Technologies, Inc.
Maybe this is where we need to separate the STIX certification into different categories to enable that differentiation to be recorded?
Full STIX compliance: full STIX including full CybOX objects and patterning.
Partial STIX compliance: STIX implementation of more than the specialized STIX compliance but not a full implementation of all parts of STIX.
Specialized STIX compliance: STIX and CybOX only focused on a specific subset of the language, and designed for a single purpose.
For a full STIX implementation I would expect the platform to implement the CybOX patterning. For a specialized STIX implementation I would expect it to only be implemented if it was required in that instance.
And as for allowing extensions to the list of signatures/patterns, I agree that's a good idea.